package com.yuand.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @ClassName: BookController
 * @Author: yuandong
 * @Date 2022/1/15 11:34
 */
@RestController
@RequestMapping("/book")
public class BookController {

    @GetMapping("/list")
    @PreAuthorize("hasAuthority('sys:book:list')")
    public String list(){

        return "拥有图书查看权限";
    }

    @GetMapping("/delete")
    @PreAuthorize("hasAuthority('sys:book:delete')")
    public String delete(){
        return "拥有图书删除权限";
    }


    @RequestMapping("/sys")
    @PreAuthorize("hasAuthority('sys:user:sys')")
    public String sys(){
        return "拥有至高无上的权限，谁都不能看......";
    }


}
